ref: eb3a4033c7d6f1d5e042edd5f416bbc257e40975
parent: 1e5e0a565cbcaf4f8aafa5a12c84e987aa822e13
author: Simon Howard <fraggle@gmail.com>
date: Sat Mar 29 17:49:57 EDT 2014
strife: Eliminate use of unsafe string functions. Eliminate use of strcpy, strcat, strncpy, and use the new safe alternatives.
--- a/src/strife/d_main.c
+++ b/src/strife/d_main.c
@@ -783,20 +783,26 @@
if (deh_sub != banners[i])
{+ size_t gamename_size;
+
// Has been replaced
// We need to expand via printf to include the Doom version
// number
// We also need to cut off spaces to get the basic name
- gamename = Z_Malloc(strlen(deh_sub) + 10, PU_STATIC, 0);
- sprintf(gamename, deh_sub, STRIFE_VERSION / 100, STRIFE_VERSION % 100);
+ gamename_size = strlen(deh_sub) + 10;
+ gamename = Z_Malloc(gamename_size, PU_STATIC, 0);
+ snprintf(gamename, gamename_size, deh_sub,
+ STRIFE_VERSION / 100, STRIFE_VERSION % 100);
while (gamename[0] != '\0' && isspace(gamename[0]))
- strcpy(gamename, gamename+1);
+ {+ memmove(gamename, gamename + 1, gamename_size - 1);
+ }
while (gamename[0] != '\0' && isspace(gamename[strlen(gamename)-1]))
gamename[strlen(gamename) - 1] = '\0';
-
+
return gamename;
}
}
@@ -848,7 +854,7 @@
// how the heck is Choco surviving without this routine?
sepchar = M_GetFilePath(iwad, filename, len);
filename[strlen(filename)] = sepchar;
- strcat(filename, "voices.wad");
+ M_StringConcat(filename, "voices.wad", sizeof(filename));
if(!M_FileExists(filename))
disable_voices = 1;
@@ -1602,17 +1608,17 @@
{if (!strcasecmp(myargv[p+1] + strlen(myargv[p+1]) - 4, ".lmp"))
{- strcpy(file, myargv[p + 1]);
+ M_StringCopy(file, myargv[p + 1], sizeof(file));
}
else
{- sprintf (file,"%s.lmp", myargv[p+1]);
+ snprintf(file, sizeof(file), "%s.lmp", myargv[p+1]);
}
if (D_AddFile (file))
{- strncpy(demolumpname, lumpinfo[numlumps - 1].name, 8);
- demolumpname[8] = '\0';
+ M_StringCopy(demolumpname, lumpinfo[numlumps - 1].name,
+ sizeof(demolumpname));
printf("Playing demo %s.\n", file);}
@@ -1622,8 +1628,7 @@
// the demo in the same way as Vanilla Doom. This makes
// tricks like "-playdemo demo1" possible.
- strncpy(demolumpname, myargv[p + 1], 8);
- demolumpname[8] = '\0';
+ M_StringCopy(demolumpname, myargv[p + 1], sizeof(demolumpname));
}
}
--- a/src/strife/d_net.c
+++ b/src/strife/d_net.c
@@ -32,6 +32,7 @@
#include "d_main.h"
#include "m_argv.h"
#include "m_menu.h"
+#include "m_misc.h"
#include "i_system.h"
#include "i_timer.h"
#include "i_video.h"
@@ -58,8 +59,8 @@
// Do this the same way as Vanilla Doom does, to allow dehacked
// replacements of this message
- strncpy(exitmsg, DEH_String("Player 1 left the game"), sizeof(exitmsg));- exitmsg[sizeof(exitmsg) - 1] = '\0';
+ M_StringCopy(exitmsg, DEH_String("Player 1 left the game"),+ sizeof(exitmsg));
exitmsg[7] += player_num;
--- a/src/strife/g_game.c
+++ b/src/strife/g_game.c
@@ -39,6 +39,7 @@
#include "m_controls.h"
#include "m_misc.h"
#include "m_menu.h"
+#include "m_misc.h"
#include "m_saves.h" // STRIFE
#include "m_random.h"
#include "i_system.h"
@@ -1024,7 +1025,10 @@
case BTS_SAVEGAME:
if (!character_name[0]) // [STRIFE]
- strcpy (character_name, "NET GAME");
+ {+ M_StringCopy(character_name, "NET GAME",
+ sizeof(character_name));
+ }
savegameslot =
(players[i].cmd.buttons & BTS_SAVEMASK)>>BTS_SAVESHIFT;
gameaction = ga_savegame;
@@ -1172,7 +1176,8 @@
p->inventory[i].type = NUMMOBJTYPES;
// villsa [STRIFE]: Default objective
- strncpy(mission_objective, DEH_String("Find help"), OBJECTIVE_LEN);+ M_StringCopy(mission_objective, DEH_String("Find help"),+ OBJECTIVE_LEN);
}
//
@@ -1656,13 +1661,13 @@
// [STRIFE]: No such function.
/*
-void G_LoadGame (char* name)
-{ - strcpy (savename, name);
- gameaction = ga_loadgame;
-}
+void G_LoadGame (char* name)
+{+ M_StringCopy(savename, name, sizeof(savename));
+ gameaction = ga_loadgame;
+}
*/
-
+
// haleyjd 20100928: [STRIFE] VERSIONSIZE == 8
#define VERSIONSIZE 8
@@ -1755,7 +1760,7 @@
// haleyjd: memset full character_name for safety
memset(character_name, 0, CHARACTER_NAME_LEN);
- strcpy(character_name, charname);
+ M_StringCopy(character_name, charname, sizeof(character_name));
// haleyjd: use M_SafeFilePath
tmpname = M_SafeFilePath(savepathtemp, "name");
@@ -1771,7 +1776,7 @@
//
// G_SaveGame
// Called by the menu task.
-// Description is a 24 byte text string
+// Description is a 24 byte text string
//
// [STRIFE] No such function, at least in v1.2
// STRIFE-TODO: Does this make a comeback in v1.31?
@@ -1779,14 +1784,14 @@
void
G_SaveGame
( int slot,
- char* description )
-{ - savegameslot = slot;
- strcpy (savedescription, description);
- sendsave = true;
-}
+ char* description )
+{+ savegameslot = slot;
+ M_StringCopy(savedescription, description, sizeof(savedescription));
+ sendsave = true;
+}
*/
-
+
void G_DoSaveGame (char *path)
{ char *current_path;
@@ -1859,7 +1864,7 @@
Z_Free(savegame_file);
gameaction = ga_nothing;
- //strcpy(savedescription, "");
+ //M_StringCopy(savedescription, "", sizeof(savedescription));
// [STRIFE]: custom message logic
if(!strcmp(path, savepath))
--- a/src/strife/hu_stuff.c
+++ b/src/strife/hu_stuff.c
@@ -38,6 +38,7 @@
#include "hu_stuff.h"
#include "hu_lib.h"
#include "m_controls.h"
+#include "m_misc.h"
#include "w_wad.h"
#include "s_sound.h"
@@ -599,7 +600,7 @@
// leave chat mode and notify that it was sent
chat_on = false;
- strcpy(lastmessage, chat_macros[c]);
+ M_StringCopy(lastmessage, chat_macros[c], sizeof(lastmessage));
plr->message = lastmessage;
eatkey = true;
}
@@ -650,7 +651,8 @@
{eatkey = true;
HU_queueChatChar(HU_CHANGENAME);
- strncpy(lastmessage, DEH_String("Changing Name:"), sizeof(lastmessage));+ M_StringCopy(lastmessage, DEH_String("Changing Name:"),+ sizeof(lastmessage));
plr->message = lastmessage;
hu_setting_name = true;
}
@@ -677,7 +679,8 @@
}
else
{- strcpy(lastmessage, w_chat.l.l);
+ M_StringCopy(lastmessage, w_chat.l.l,
+ sizeof(lastmessage));
}
plr->message = lastmessage;
}
--- a/src/strife/m_menu.c
+++ b/src/strife/m_menu.c
@@ -54,6 +54,7 @@
#include "m_argv.h"
#include "m_controls.h"
+#include "m_misc.h"
#include "m_saves.h" // [STRIFE]
#include "p_saveg.h"
@@ -560,7 +561,8 @@
handle = fopen(fname, "rb");
if(handle == NULL)
{- strcpy(savegamestrings[i], EMPTYSTRING);
+ M_StringCopy(savegamestrings[i], EMPTYSTRING,
+ sizeof(savegamestrings[i]));
LoadMenu[i].status = 0;
continue;
}
@@ -765,7 +767,7 @@
quickSaveSlot = choice;
//saveSlot = choice;
- strcpy(saveOldString,savegamestrings[choice]);
+ M_StringCopy(saveOldString, savegamestrings[choice], sizeof(saveOldString));
if (!strcmp(savegamestrings[choice],EMPTYSTRING))
savegamestrings[choice][0] = 0;
saveCharIndex = strlen(savegamestrings[choice]);
@@ -1850,7 +1852,8 @@
case KEY_ESCAPE:
saveStringEnter = 0;
- strcpy(&savegamestrings[quickSaveSlot][0],saveOldString);
+ M_StringCopy(savegamestrings[quickSaveSlot], saveOldString,
+ sizeof(savegamestrings[quickSaveSlot]));
break;
case KEY_ENTER:
@@ -2286,24 +2289,32 @@
int foundnewline = 0;
for (i = 0; i < strlen(messageString + start); i++)
+ {if (messageString[start + i] == '\n')
{- memset(string, 0, sizeof(string));
- strncpy(string, messageString + start, i);
+ M_StringCopy(string, messageString + start,
+ sizeof(string));
+ if (i < sizeof(string))
+ {+ string[i] = '\0';
+ }
+
foundnewline = 1;
start += i + 1;
break;
}
+ }
- if (!foundnewline)
- {- strcpy(string, messageString + start);
- start += strlen(string);
- }
+ if (!foundnewline)
+ {+ M_StringCopy(string, messageString + start,
+ sizeof(string));
+ start += strlen(string);
+ }
- x = 160 - M_StringWidth(string) / 2;
- M_WriteText(x, y, string);
- y += SHORT(hu_font[0]->height);
+ x = 160 - M_StringWidth(string) / 2;
+ M_WriteText(x, y, string);
+ y += SHORT(hu_font[0]->height);
}
return;
--- a/src/strife/m_saves.c
+++ b/src/strife/m_saves.c
@@ -501,7 +501,7 @@
p = dest + len - 1;
- strncpy(dest, fn, len);
+ M_StringCopy(dest, fn, len);
while(p >= dest)
{
--- a/src/strife/p_dialog.c
+++ b/src/strife/p_dialog.c
@@ -38,6 +38,7 @@
#include "doomstat.h"
#include "m_random.h"
#include "m_menu.h"
+#include "m_misc.h"
#include "r_main.h"
#include "v_video.h"
#include "p_local.h"
@@ -719,7 +720,7 @@
{
if(mobjinfo[type].name)
{
- strncpy(pickupstring, DEH_String(mobjinfo[type].name), 39);
+ M_StringCopy(pickupstring, DEH_String(mobjinfo[type].name), 39);
player->message = pickupstring;
}
player->questflags |= 1 << (type - MT_TOKEN_QUEST1);
@@ -1132,10 +1133,9 @@
if(currentdialog->choices[i].needamounts[0] > 0)
{
// haleyjd 20120401: necessary to avoid undefined behavior:
- strcpy(choicetext2, choicetext);
+ M_StringCopy(choicetext2, choicetext, sizeof(choicetext2));
DEH_snprintf(choicetext, sizeof(choicetext),
- "%s for %d",
- choicetext2,
+ "%s for %d", choicetext2,
currentdialog->choices[i].needamounts[0]);
}
@@ -1228,7 +1228,7 @@
{
DEH_snprintf(mission_objective, OBJECTIVE_LEN, "log%i", objective);
objlump = W_CacheLumpName(mission_objective, PU_CACHE);
- strncpy(mission_objective, objlump, OBJECTIVE_LEN);
+ M_StringCopy(mission_objective, objlump, OBJECTIVE_LEN);
}
// haleyjd 20130301: v1.31 hack: if first char of message is a period,
// clear the player's message. Is this actually used anywhere?
--- a/src/strife/p_dialog.h
+++ b/src/strife/p_dialog.h
@@ -52,7 +52,8 @@
do { \
int obj_ln = W_CheckNumForName(DEH_String(x)); \
if(obj_ln > minlumpnum) \
- strncpy(mission_objective, W_CacheLumpNum(obj_ln, PU_CACHE), OBJECTIVE_LEN);\
+ M_StringCopy(mission_objective, W_CacheLumpNum(obj_ln, PU_CACHE), \
+ OBJECTIVE_LEN);\
} while(0)
// haleyjd - voice and objective in one
@@ -61,7 +62,8 @@
int obj_ln = W_CheckNumForName(DEH_String(log)); \
I_StartVoice(DEH_String(voice)); \
if(obj_ln > minlumpnum) \
- strncpy(mission_objective, W_CacheLumpNum(obj_ln, PU_CACHE), OBJECTIVE_LEN);\
+ M_StringCopy(mission_objective, W_CacheLumpNum(obj_ln, PU_CACHE), \
+ OBJECTIVE_LEN);\
} while(0)
typedef struct mapdlgchoice_s
--- a/src/strife/p_enemy.c
+++ b/src/strife/p_enemy.c
@@ -32,6 +32,7 @@
#include "m_random.h"
#include "i_system.h"
#include "doomdef.h"
+#include "m_misc.h"
#include "p_local.h"
#include "s_sound.h"
#include "g_game.h"
@@ -2706,7 +2707,7 @@
// get name
name = DEH_String(mobjinfo[(MT_TOKEN_QUEST1 - 1) + actor->info->speed].name);
- strcpy(pmsgbuffer, name); // inlined in asm
+ M_StringCopy(pmsgbuffer, name, sizeof(pmsgbuffer)); // inlined in asm
// give quest and display message to players
for(i = 0; i < MAXPLAYERS; i++)
--- a/src/strife/p_inter.c
+++ b/src/strife/p_inter.c
@@ -31,6 +31,7 @@
#include "deh_main.h"
#include "deh_misc.h"
#include "doomstat.h"
+#include "m_misc.h"
#include "m_random.h"
#include "i_system.h"
#include "am_map.h"
--- a/src/strife/p_switch.c
+++ b/src/strife/p_switch.c
@@ -41,6 +41,7 @@
#include "p_dialog.h"
#include "p_local.h" // haleyjd [STRIFE]
#include "m_bbox.h" // villsa [STRIFE]
+#include "m_misc.h"
// Data.
#include "sounds.h"
--- a/src/strife/r_data.c
+++ b/src/strife/r_data.c
@@ -37,6 +37,7 @@
#include "r_local.h"
#include "p_local.h"
#include "doomstat.h"
+#include "m_misc.h"
#include "r_sky.h"
#include "r_data.h"
#include "sounds.h" // villsa [STRIFE]
@@ -485,21 +486,20 @@
int temp2;
int temp3;
-
+
// Load the patch names from pnames.lmp.
- name[8] = 0;
names = W_CacheLumpName (DEH_String("PNAMES"), PU_STATIC);nummappatches = LONG ( *((int *)names) );
name_p = names+4;
patchlookup = Z_Malloc(nummappatches*sizeof(*patchlookup), PU_STATIC, NULL);
-
- for (i=0 ; i<nummappatches ; i++)
+
+ for (i = 0; i < nummappatches; i++)
{- strncpy (name,name_p+i*8, 8);
+ M_StringCopy(name, name_p + i * 8, sizeof(name));
patchlookup[i] = W_CheckNumForName (name);
}
W_ReleaseLumpName(DEH_String("PNAMES"));-
+
// Load the map texture definitions from textures.lmp.
// The data is contained in one or two lumps,
// TEXTURE1 for shareware, plus TEXTURE2 for commercial.
--- a/src/strife/s_sound.c
+++ b/src/strife/s_sound.c
@@ -39,6 +39,7 @@
#include "sounds.h"
#include "s_sound.h"
+#include "m_misc.h"
#include "m_random.h"
#include "m_argv.h"
@@ -553,7 +554,7 @@
{voice = calloc(1, sizeof(voiceinfo_t));
- strncpy(voice->sfx.name, name, 8);
+ M_StringCopy(voice->sfx.name, name, sizeof(voice->sfx.name));
voice->sfx.priority = INT_MIN; // make highest possible priority
voice->sfx.pitch = -1;
voice->sfx.volume = -1;
@@ -607,8 +608,7 @@
return;
// Because of constness problems...
- strncpy(lumpnamedup, lumpname, 9);
- lumpnamedup[8] = '\0';
+ M_StringCopy(lumpnamedup, lumpname, sizeof(lumpnamedup));
if((lumpnum = W_CheckNumForName(lumpnamedup)) != -1)
{--- a/src/strife/wi_stuff.c
+++ b/src/strife/wi_stuff.c
@@ -1697,12 +1697,12 @@
if (gamemode == commercial)
{- strncpy(name, DEH_String("INTERPIC"), 9);+ M_StringCopy(name, DEH_String("INTERPIC"), sizeof(name));name[8] = '\0';
}
else if (gamemode == retail && wbs->epsd == 3)
{- strncpy(name, DEH_String("INTERPIC"), 9);+ M_StringCopy(name, DEH_String("INTERPIC"), sizeof(name));name[8] = '\0';
}
else